Apple iPhone 1.1.1 Mobile Safari Browser iFrame Same Origin Policy Bypass Vulnerability

Apple iPhone 1.1.1 Mobile Safari Browser iFrame Same Origin Policy Bypass Vulnerability

Apple iPhone Mobile Safari Browser is prone to a vulnerability that lets attackers bypass the same-origin policy.

Attackers can exploit this issue to execute arbitrary JavaScript in the context of another domain.

Versions prior to iPhone 1.1.1 are vulnerable.

NOTE: This issue was initially disclosed along with several other issues in BID 25834 (Apple iPhone 1.1.1 Update Multiple Security Vulnerabilities). Each issue has been assigned its own BID to better document the details.